GHSA-pj45-8vhc-mh2f, CVE-2017-1000402
maven/org.jenkins-ci.plugins/swarm-client
Improper Input Validation
Jenkins Swarm Plugin Client 3.4 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks.
All versions up to 3.4
Upgrade to version 3.5 or above.
2022-11-23
source |